docs/NixOS/networking/wireguard/index.html

7408 lines
140 KiB
HTML
Raw Normal View History

2024-07-24 19:14:02 +00:00
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="Aux Documentation">
<meta name="author" content="Nixpkgs Aux, and Lix Contributors">
<link rel="canonical" href="https://docs.auxolotl.org/NixOS/networking/wireguard/">
<link rel="prev" href="../wg-quick/">
<link rel="next" href="../wireless/">
<link rel="icon" href="../../../assets/aux-logo.svg">
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.29">
<title>Wireguard - Aux Docs</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.76a95c52.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/palette.06af60db.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.bunny.net/css?family=IBM+Plex+Sans:300,300i,400,400i,700,700i%7CIBM+Plex+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"IBM Plex Sans";--md-code-font:"IBM Plex Mono"}</style>
<script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
<meta property="og:type" content="website" >
<meta property="og:title" content="Wireguard - Aux Docs" >
<meta property="og:description" content="Aux Documentation" >
<meta property="og:image" content="https://docs.auxolotl.org/assets/images/social/NixOS/networking/wireguard.png" >
<meta property="og:image:type" content="image/png" >
<meta property="og:image:width" content="1200" >
<meta property="og:image:height" content="630" >
<meta property="og:url" content="https://docs.auxolotl.org/NixOS/networking/wireguard/" >
<meta name="twitter:card" content="summary_large_image" >
<meta name="twitter:title" content="Wireguard - Aux Docs" >
<meta name="twitter:description" content="Aux Documentation" >
<meta name="twitter:image" content="https://docs.auxolotl.org/assets/images/social/NixOS/networking/wireguard.png" >
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="indigo" data-md-color-accent="blue">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#networkingwireguardenable" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../../.." title="Aux Docs" class="md-header__button md-logo" aria-label="Aux Docs" data-md-component="logo">
<img src="../../../assets/aux-logo.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
Aux Docs
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Wireguard
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="indigo" data-md-color-accent="blue" aria-label="Dark Mode" type="radio" name="__palette" id="__palette_0">
<label class="md-header__button md-icon" title="Dark Mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
</label>
<input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="indigo" data-md-color-accent="blue" aria-label="Light Mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Light Mode" for="__palette_0" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
</label>
</form>
<script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" tabindex="0" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://git.auxolotl.org/auxolotl/docs" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M16.777 0a2.9 2.9 0 1 1-2.529 4.322H12.91a4.266 4.266 0 0 0-4.265 4.195v2.118a7.076 7.076 0 0 1 4.147-1.42l.118-.002h1.338a2.9 2.9 0 0 1 5.43 1.422 2.9 2.9 0 0 1-5.43 1.422H12.91a4.266 4.266 0 0 0-4.265 4.195v2.319A2.9 2.9 0 0 1 7.222 24 2.9 2.9 0 0 1 5.8 18.57V8.589a7.109 7.109 0 0 1 6.991-7.108l.118-.001h1.338A2.9 2.9 0 0 1 16.778 0ZM7.223 19.905a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Zm9.554-10.464a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.39Zm0-7.735a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Z"/></svg>
</div>
<div class="md-source__repository">
auxolotl/docs
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../../.." class="md-tabs__link">
Aux Documentation Hub
</a>
</li>
<li class="md-tabs__item">
<a href="../../../TODO/" class="md-tabs__link">
TODO
</a>
</li>
<li class="md-tabs__item">
<a href="../../../Aux/" class="md-tabs__link">
Aux
</a>
</li>
<li class="md-tabs__item">
<a href="../../../Lix/" class="md-tabs__link">
Lix
</a>
</li>
<li class="md-tabs__item md-tabs__item--active">
<a href="../../appstream/" class="md-tabs__link">
NixOS
</a>
</li>
<li class="md-tabs__item">
<a href="../../../Nixpkgs/" class="md-tabs__link">
Nixpkgs
</a>
</li>
</ul>
</div>
</nav>
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../../.." title="Aux Docs" class="md-nav__button md-logo" aria-label="Aux Docs" data-md-component="logo">
<img src="../../../assets/aux-logo.svg" alt="logo">
</a>
Aux Docs
</label>
<div class="md-nav__source">
<a href="https://git.auxolotl.org/auxolotl/docs" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M16.777 0a2.9 2.9 0 1 1-2.529 4.322H12.91a4.266 4.266 0 0 0-4.265 4.195v2.118a7.076 7.076 0 0 1 4.147-1.42l.118-.002h1.338a2.9 2.9 0 0 1 5.43 1.422 2.9 2.9 0 0 1-5.43 1.422H12.91a4.266 4.266 0 0 0-4.265 4.195v2.319A2.9 2.9 0 0 1 7.222 24 2.9 2.9 0 0 1 5.8 18.57V8.589a7.109 7.109 0 0 1 6.991-7.108l.118-.001h1.338A2.9 2.9 0 0 1 16.778 0ZM7.223 19.905a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Zm9.554-10.464a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.39Zm0-7.735a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Z"/></svg>
</div>
<div class="md-source__repository">
auxolotl/docs
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../.." class="md-nav__link">
<span class="md-ellipsis">
Aux Documentation Hub
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../../TODO/" class="md-nav__link">
<span class="md-ellipsis">
TODO
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../../Aux/" class="md-nav__link">
<span class="md-ellipsis">
Aux
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../../Lix/" class="md-nav__link">
<span class="md-ellipsis">
Lix
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" checked>
<label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="">
<span class="md-ellipsis">
NixOS
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
NixOS
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../appstream/" class="md-nav__link">
<span class="md-ellipsis">
Appstream
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../console/" class="md-nav__link">
<span class="md-ellipsis">
Console
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../containers/" class="md-nav__link">
<span class="md-ellipsis">
Containers
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../documentation/" class="md-nav__link">
<span class="md-ellipsis">
Documentation
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../dysnomia/" class="md-nav__link">
<span class="md-ellipsis">
Dysnomia
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../ec2/" class="md-nav__link">
<span class="md-ellipsis">
Ec2
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../environment/" class="md-nav__link">
<span class="md-ellipsis">
Environment
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../fileSystems/" class="md-nav__link">
<span class="md-ellipsis">
fileSystems
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../fonts/" class="md-nav__link">
<span class="md-ellipsis">
Fonts
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../gtk/" class="md-nav__link">
<span class="md-ellipsis">
Gtk
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../hardware/" class="md-nav__link">
<span class="md-ellipsis">
Hardware
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../i18n/" class="md-nav__link">
<span class="md-ellipsis">
I18n
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../image/" class="md-nav__link">
<span class="md-ellipsis">
Image
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../lib/" class="md-nav__link">
<span class="md-ellipsis">
Lib
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../location/" class="md-nav__link">
<span class="md-ellipsis">
Location
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../nix/" class="md-nav__link">
<span class="md-ellipsis">
Nix
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../nixops/" class="md-nav__link">
<span class="md-ellipsis">
Nixops
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../nixpkgs/" class="md-nav__link">
<span class="md-ellipsis">
Nixpkgs
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../oci/" class="md-nav__link">
<span class="md-ellipsis">
Oci
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../openstack/" class="md-nav__link">
<span class="md-ellipsis">
Openstack
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../power/" class="md-nav__link">
<span class="md-ellipsis">
Power
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../powerManagement/" class="md-nav__link">
<span class="md-ellipsis">
powerManagement
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../qt/" class="md-nav__link">
<span class="md-ellipsis">
Qt
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../specialisation/" class="md-nav__link">
<span class="md-ellipsis">
Specialisation
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../swapDevices/" class="md-nav__link">
<span class="md-ellipsis">
swapDevices
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../system/" class="md-nav__link">
<span class="md-ellipsis">
System
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../time/" class="md-nav__link">
<span class="md-ellipsis">
Time
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../xdg/" class="md-nav__link">
<span class="md-ellipsis">
Xdg
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../zramSwap/" class="md-nav__link">
<span class="md-ellipsis">
zramSwap
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../boot/" class="md-nav__link">
<span class="md-ellipsis">
Boot
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5_31" checked>
<div class="md-nav__link md-nav__container">
<a href="../" class="md-nav__link ">
<span class="md-ellipsis">
Networking
</span>
</a>
<label class="md-nav__link " for="__nav_5_31" id="__nav_5_31_label" tabindex="0">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_5_31_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_5_31">
<span class="md-nav__icon md-icon"></span>
Networking
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../bonds/" class="md-nav__link">
<span class="md-ellipsis">
Bonds
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../bridges/" class="md-nav__link">
<span class="md-ellipsis">
Bridges
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../defaultGateway/" class="md-nav__link">
<span class="md-ellipsis">
defaultGateway
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../defaultGateway6/" class="md-nav__link">
<span class="md-ellipsis">
defaultGateway6
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../dhcpcd/" class="md-nav__link">
<span class="md-ellipsis">
Dhcpcd
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../firewall/" class="md-nav__link">
<span class="md-ellipsis">
Firewall
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../fooOverUDP/" class="md-nav__link">
<span class="md-ellipsis">
fooOverUDP
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../greTunnels/" class="md-nav__link">
<span class="md-ellipsis">
greTunnels
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../interfaces/" class="md-nav__link">
<span class="md-ellipsis">
Interfaces
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../iproute2/" class="md-nav__link">
<span class="md-ellipsis">
Iproute2
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../jool/" class="md-nav__link">
<span class="md-ellipsis">
Jool
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../macvlans/" class="md-nav__link">
<span class="md-ellipsis">
Macvlans
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../nat/" class="md-nav__link">
<span class="md-ellipsis">
Nat
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../networkmanager/" class="md-nav__link">
<span class="md-ellipsis">
Networkmanager
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../nftables/" class="md-nav__link">
<span class="md-ellipsis">
Nftables
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../openconnect/" class="md-nav__link">
<span class="md-ellipsis">
Openconnect
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../proxy/" class="md-nav__link">
<span class="md-ellipsis">
Proxy
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../resolvconf/" class="md-nav__link">
<span class="md-ellipsis">
Resolvconf
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../rxe/" class="md-nav__link">
<span class="md-ellipsis">
Rxe
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../sits/" class="md-nav__link">
<span class="md-ellipsis">
Sits
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../stevenblack/" class="md-nav__link">
<span class="md-ellipsis">
Stevenblack
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../supplicant/" class="md-nav__link">
<span class="md-ellipsis">
Supplicant
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../tcpcrypt/" class="md-nav__link">
<span class="md-ellipsis">
Tcpcrypt
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../ucarp/" class="md-nav__link">
<span class="md-ellipsis">
Ucarp
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../vlans/" class="md-nav__link">
<span class="md-ellipsis">
Vlans
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../vswitches/" class="md-nav__link">
<span class="md-ellipsis">
Vswitches
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../wg-quick/" class="md-nav__link">
<span class="md-ellipsis">
Wg quick
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
Wireguard
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
Wireguard
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#networkingwireguardenable" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.enable
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.enable">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfaces" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_1" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_1" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameallowedipsasroutes" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.allowedIPsAsRoutes
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.allowedIPsAsRoutes">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_2" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_2" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamefwmark" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.fwMark
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.fwMark">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_3" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_3" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamegenerateprivatekeyfile" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.generatePrivateKeyFile
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.generatePrivateKeyFile">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_4" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameinterfacenamespace" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.interfaceNamespace
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.interfaceNamespace">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_5" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_4" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameips" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.ips
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.ips">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_6" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_5" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamelistenport" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.listenPort
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.listenPort">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_7" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_6" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamemetric" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.metric
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.metric">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_8" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_7" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamemtu" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.mtu
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.mtu">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_9" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_8" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeers" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_10" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersallowedips" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.allowedIPs
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.allowedIPs">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#example_9" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersdynamicendpointrefreshrestartseconds" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshRestartSeconds
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshRestartSeconds">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_11" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_10" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersdynamicendpointrefreshseconds" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshSeconds
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshSeconds">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_12" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_11" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersendpoint" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.endpoint
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.endpoint">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_13" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_12" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersname" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.name
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.name">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_14" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_13" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspersistentkeepalive" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.persistentKeepalive
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_15" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_14" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspresharedkey" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.presharedKey
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.presharedKey">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_16" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_15" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspresharedkeyfile" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.presharedKeyFile
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.presharedKeyFile">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_17" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_16" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspublickey" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.publicKey
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.publicKey">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#example_17" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepostsetup" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.postSetup
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.postSetup">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_18" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_18" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepostshutdown" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.postShutdown
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.postShutdown">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_19" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_19" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepresetup" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.preSetup
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.preSetup">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_20" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_20" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepreshutdown" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.preShutdown
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.preShutdown">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_21" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_21" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameprivatekey" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.privateKey
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.privateKey">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_22" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_22" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameprivatekeyfile" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.privateKeyFile
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.privateKeyFile">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_23" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_23" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamesocketnamespace" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.socketNamespace
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.socketNamespace">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_24" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_24" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnametable" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.table
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.table">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_25" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../wireless/" class="md-nav__link">
<span class="md-ellipsis">
Wireless
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../wlanInterfaces/" class="md-nav__link">
<span class="md-ellipsis">
wlanInterfaces
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../programs/_1password-gui/" class="md-nav__link">
<span class="md-ellipsis">
Programs
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../security/" class="md-nav__link">
<span class="md-ellipsis">
Security
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../services/" class="md-nav__link">
<span class="md-ellipsis">
Services
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../systemd/" class="md-nav__link">
<span class="md-ellipsis">
Systemd
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../users/" class="md-nav__link">
<span class="md-ellipsis">
Users
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../virtualisation/" class="md-nav__link">
<span class="md-ellipsis">
Virtualisation
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
<a href="../../../Nixpkgs/" class="md-nav__link">
<span class="md-ellipsis">
Nixpkgs
</span>
<span class="md-nav__icon md-icon"></span>
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#networkingwireguardenable" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.enable
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.enable">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfaces" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_1" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_1" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameallowedipsasroutes" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.allowedIPsAsRoutes
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.allowedIPsAsRoutes">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_2" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_2" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamefwmark" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.fwMark
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.fwMark">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_3" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_3" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamegenerateprivatekeyfile" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.generatePrivateKeyFile
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.generatePrivateKeyFile">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_4" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameinterfacenamespace" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.interfaceNamespace
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.interfaceNamespace">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_5" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_4" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameips" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.ips
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.ips">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_6" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_5" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamelistenport" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.listenPort
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.listenPort">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_7" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_6" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamemetric" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.metric
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.metric">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_8" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_7" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamemtu" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.mtu
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.mtu">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_9" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_8" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeers" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_10" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersallowedips" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.allowedIPs
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.allowedIPs">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#example_9" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersdynamicendpointrefreshrestartseconds" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshRestartSeconds
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshRestartSeconds">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_11" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_10" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersdynamicendpointrefreshseconds" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshSeconds
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshSeconds">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_12" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_11" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersendpoint" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.endpoint
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.endpoint">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_13" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_12" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeersname" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.name
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.name">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_14" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_13" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspersistentkeepalive" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.persistentKeepalive
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_15" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_14" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspresharedkey" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.presharedKey
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.presharedKey">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_16" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_15" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspresharedkeyfile" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.presharedKeyFile
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.presharedKeyFile">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_17" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_16" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepeerspublickey" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.peers.*.publicKey
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.peers.*.publicKey">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#example_17" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepostsetup" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.postSetup
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.postSetup">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_18" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_18" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepostshutdown" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.postShutdown
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.postShutdown">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_19" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_19" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepresetup" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.preSetup
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.preSetup">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_20" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_20" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamepreshutdown" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.preShutdown
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.preShutdown">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_21" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_21" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameprivatekey" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.privateKey
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.privateKey">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_22" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_22" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnameprivatekeyfile" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.privateKeyFile
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.privateKeyFile">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_23" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_23" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnamesocketnamespace" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.socketNamespace
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.socketNamespace">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_24" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#example_24" class="md-nav__link">
<span class="md-ellipsis">
Example
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#networkingwireguardinterfacesnametable" class="md-nav__link">
<span class="md-ellipsis">
networking.wireguard.interfaces.&lt;name&gt;.table
</span>
</a>
<nav class="md-nav" aria-label="networking.wireguard.interfaces.<name>.table">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#default_25" class="md-nav__link">
<span class="md-ellipsis">
Default
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1>Wireguard</h1>
<h2 id="networkingwireguardenable" networking-wireguard-enable="networking-wireguard-enable"><code>networking.wireguard.enable</code></h2>
<p>Whether to enable WireGuard.</p>
<p>Please note that {option}<code>systemd.network.netdevs</code> has more features
and is better maintained. When building new things, it is advised to
use that instead.</p>
<p><strong>Type:</strong> <code>boolean</code></p>
<h3 id="default" networking-wireguard-enable-default="networking-wireguard-enable-default">Default</h3>
<p><code class="highlight">config<span class="o">.</span>networking<span class="o">.</span>wireguard<span class="o">.</span>interfaces <span class="o">!=</span> <span class="p">{</span> <span class="p">}</span></code></p>
<h3 id="example" networking-wireguard-enable-example="networking-wireguard-enable-example">Example</h3>
<p><code class="highlight"><span class="no">true</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfaces" networking-wireguard-interfaces="networking-wireguard-interfaces"><code>networking.wireguard.interfaces</code></h2>
<p>WireGuard interfaces.</p>
<p>Please note that {option}<code>systemd.network.netdevs</code> has more features
and is better maintained. When building new things, it is advised to
use that instead.</p>
<p><strong>Type:</strong> <code>attribute set of (submodule)</code></p>
<h3 id="default_1" networking-wireguard-interfaces-default="networking-wireguard-interfaces-default">Default</h3>
<p><code class="highlight"><span class="p">{</span> <span class="p">}</span></code></p>
<h3 id="example_1" networking-wireguard-interfaces-example="networking-wireguard-interfaces-example">Example</h3>
<p><code class="highlight"><span class="p">{</span><span class="ss">wg0</span> <span class="o">=</span> <span class="p">{</span><span class="ss">ips</span> <span class="o">=</span> <span class="p">[</span><span class="s2">&quot;192.168.20.4/24&quot;</span><span class="p">];</span><span class="ss">peers</span> <span class="o">=</span> <span class="p">[</span><span class="p">{</span><span class="ss">allowedIPs</span> <span class="o">=</span> <span class="p">[</span><span class="s2">&quot;192.168.20.1/32&quot;</span><span class="p">];</span><span class="ss">endpoint</span> <span class="o">=</span> <span class="s2">&quot;demo.wireguard.io:12913&quot;</span><span class="p">;</span><span class="ss">publicKey</span> <span class="o">=</span> <span class="s2">&quot;xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=&quot;</span><span class="p">;</span><span class="p">}</span><span class="p">];</span><span class="ss">privateKey</span> <span class="o">=</span> <span class="s2">&quot;yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=&quot;</span><span class="p">;</span><span class="p">};</span><span class="p">}</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnameallowedipsasroutes" networking-wireguard-interfaces-_wzxhzdk:11_-allowedIPsAsRoutes="networking-wireguard-interfaces-<name>-allowedIPsAsRoutes"><code>networking.wireguard.interfaces.&lt;name&gt;.allowedIPsAsRoutes</code></h2>
<p>Determines whether to add allowed IPs as routes or not.</p>
<p><strong>Type:</strong> <code>boolean</code></p>
<h3 id="default_2" networking-wireguard-interfaces-_wzxhzdk:13_-allowedIPsAsRoutes-default="networking-wireguard-interfaces-<name>-allowedIPsAsRoutes-default">Default</h3>
<p><code class="highlight"><span class="no">true</span></code></p>
<h3 id="example_2" networking-wireguard-interfaces-_wzxhzdk:15_-allowedIPsAsRoutes-example="networking-wireguard-interfaces-<name>-allowedIPsAsRoutes-example">Example</h3>
<p><code class="highlight"><span class="no">false</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamefwmark" networking-wireguard-interfaces-_wzxhzdk:18_-fwMark="networking-wireguard-interfaces-<name>-fwMark"><code>networking.wireguard.interfaces.&lt;name&gt;.fwMark</code></h2>
<p>Mark all wireguard packets originating from
this interface with the given firewall mark. The firewall mark can be
used in firewalls or policy routing to filter the wireguard packets.
This can be useful for setup where all traffic goes through the
wireguard tunnel, because the wireguard packets need to be routed
differently.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_3" networking-wireguard-interfaces-_wzxhzdk:20_-fwMark-default="networking-wireguard-interfaces-<name>-fwMark-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_3" networking-wireguard-interfaces-_wzxhzdk:22_-fwMark-example="networking-wireguard-interfaces-<name>-fwMark-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;0x6e6978&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamegenerateprivatekeyfile" networking-wireguard-interfaces-_wzxhzdk:25_-generatePrivateKeyFile="networking-wireguard-interfaces-<name>-generatePrivateKeyFile"><code>networking.wireguard.interfaces.&lt;name&gt;.generatePrivateKeyFile</code></h2>
<p>Automatically generate a private key with
{command}<code>wg genkey</code>, at the privateKeyFile location.</p>
<p><strong>Type:</strong> <code>boolean</code></p>
<h3 id="default_4" networking-wireguard-interfaces-_wzxhzdk:28_-generatePrivateKeyFile-default="networking-wireguard-interfaces-<name>-generatePrivateKeyFile-default">Default</h3>
<p><code class="highlight"><span class="no">false</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnameinterfacenamespace" networking-wireguard-interfaces-_wzxhzdk:31_-interfaceNamespace="networking-wireguard-interfaces-<name>-interfaceNamespace"><code>networking.wireguard.interfaces.&lt;name&gt;.interfaceNamespace</code></h2>
<p>The pre-existing network namespace the WireGuard
interface is moved to. The special value <code>init</code> means
the init namespace. When <code>null</code>, the interface is not
moved.
See <a href="https://www.wireguard.com/netns/">documentation</a>.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_5" networking-wireguard-interfaces-_wzxhzdk:35_-interfaceNamespace-default="networking-wireguard-interfaces-<name>-interfaceNamespace-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_4" networking-wireguard-interfaces-_wzxhzdk:37_-interfaceNamespace-example="networking-wireguard-interfaces-<name>-interfaceNamespace-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;init&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnameips" networking-wireguard-interfaces-_wzxhzdk:40_-ips="networking-wireguard-interfaces-<name>-ips"><code>networking.wireguard.interfaces.&lt;name&gt;.ips</code></h2>
<p>The IP addresses of the interface.
<strong>Type:</strong> <code>list of string</code></p>
<h3 id="default_6" networking-wireguard-interfaces-_wzxhzdk:42_-ips-default="networking-wireguard-interfaces-<name>-ips-default">Default</h3>
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
<h3 id="example_5" networking-wireguard-interfaces-_wzxhzdk:44_-ips-example="networking-wireguard-interfaces-<name>-ips-example">Example</h3>
<p><code class="highlight"><span class="p">[</span><span class="s2">&quot;192.168.2.1/24&quot;</span><span class="p">]</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamelistenport" networking-wireguard-interfaces-_wzxhzdk:47_-listenPort="networking-wireguard-interfaces-<name>-listenPort"><code>networking.wireguard.interfaces.&lt;name&gt;.listenPort</code></h2>
<p>16-bit port for listening. Optional; if not specified,
automatically generated based on interface name.</p>
<p><strong>Type:</strong> <code>null or signed integer</code></p>
<h3 id="default_7" networking-wireguard-interfaces-_wzxhzdk:49_-listenPort-default="networking-wireguard-interfaces-<name>-listenPort-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_6" networking-wireguard-interfaces-_wzxhzdk:51_-listenPort-example="networking-wireguard-interfaces-<name>-listenPort-example">Example</h3>
<p><code class="highlight"><span class="mi">51820</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamemetric" networking-wireguard-interfaces-_wzxhzdk:54_-metric="networking-wireguard-interfaces-<name>-metric"><code>networking.wireguard.interfaces.&lt;name&gt;.metric</code></h2>
<p>Set the metric of routes related to this Wireguard interface.</p>
<p><strong>Type:</strong> <code>null or signed integer</code></p>
<h3 id="default_8" networking-wireguard-interfaces-_wzxhzdk:56_-metric-default="networking-wireguard-interfaces-<name>-metric-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_7" networking-wireguard-interfaces-_wzxhzdk:58_-metric-example="networking-wireguard-interfaces-<name>-metric-example">Example</h3>
<p><code class="highlight"><span class="mi">700</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamemtu" networking-wireguard-interfaces-_wzxhzdk:61_-mtu="networking-wireguard-interfaces-<name>-mtu"><code>networking.wireguard.interfaces.&lt;name&gt;.mtu</code></h2>
<p>Set the maximum transmission unit in bytes for the wireguard
interface. Beware that the wireguard packets have a header that may
add up to 80 bytes to the mtu. By default, the MTU is (1500 - 80) =
1420. However, if the MTU of the upstream network is lower, the MTU
of the wireguard network has to be adjusted as well.</p>
<p><strong>Type:</strong> <code>null or signed integer</code></p>
<h3 id="default_9" networking-wireguard-interfaces-_wzxhzdk:63_-mtu-default="networking-wireguard-interfaces-<name>-mtu-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_8" networking-wireguard-interfaces-_wzxhzdk:65_-mtu-example="networking-wireguard-interfaces-<name>-mtu-example">Example</h3>
<p><code class="highlight"><span class="mi">1280</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeers" networking-wireguard-interfaces-_wzxhzdk:68_-peers="networking-wireguard-interfaces-<name>-peers"><code>networking.wireguard.interfaces.&lt;name&gt;.peers</code></h2>
<p>Peers linked to the interface.
<strong>Type:</strong> <code>list of (submodule)</code></p>
<h3 id="default_10" networking-wireguard-interfaces-_wzxhzdk:70_-peers-default="networking-wireguard-interfaces-<name>-peers-default">Default</h3>
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeersallowedips" networking-wireguard-interfaces-_wzxhzdk:73_-peers-_-allowedIPs="networking-wireguard-interfaces-<name>-peers-*-allowedIPs"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.allowedIPs</code></h2>
<p>List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed. The catch-all 0.0.0.0/0 may
be specified for matching all IPv4 addresses, and ::/0 may be specified
for matching all IPv6 addresses.
<strong>Type:</strong> <code>list of string</code></p>
<h3 id="example_9" networking-wireguard-interfaces-_wzxhzdk:75_-peers-_-allowedIPs-example="networking-wireguard-interfaces-<name>-peers-*-allowedIPs-example">Example</h3>
<p><code class="highlight"><span class="p">[</span><span class="s2">&quot;10.192.122.3/32&quot;</span><span class="s2">&quot;10.192.124.1/24&quot;</span><span class="p">]</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeersdynamicendpointrefreshrestartseconds" networking-wireguard-interfaces-_wzxhzdk:78_-peers-_-dynamicEndpointRefreshRestartSeconds="networking-wireguard-interfaces-<name>-peers-*-dynamicEndpointRefreshRestartSeconds"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshRestartSeconds</code></h2>
<p>When the dynamic endpoint refresh that is configured via
dynamicEndpointRefreshSeconds exits (likely due to a failure),
restart that service after this many seconds.</p>
<p>If set to <code>null</code> the value of
{option}<code>networking.wireguard.dynamicEndpointRefreshSeconds</code>
will be used as the default.</p>
<p><strong>Type:</strong> <code>null or (unsigned integer, meaning &gt;=0)</code></p>
<h3 id="default_11" networking-wireguard-interfaces-_wzxhzdk:82_-peers-_-dynamicEndpointRefreshRestartSeconds-default="networking-wireguard-interfaces-<name>-peers-*-dynamicEndpointRefreshRestartSeconds-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_10" networking-wireguard-interfaces-_wzxhzdk:84_-peers-_-dynamicEndpointRefreshRestartSeconds-example="networking-wireguard-interfaces-<name>-peers-*-dynamicEndpointRefreshRestartSeconds-example">Example</h3>
<p><code class="highlight"><span class="mi">5</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeersdynamicendpointrefreshseconds" networking-wireguard-interfaces-_wzxhzdk:87_-peers-_-dynamicEndpointRefreshSeconds="networking-wireguard-interfaces-<name>-peers-*-dynamicEndpointRefreshSeconds"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshSeconds</code></h2>
<p>Periodically re-execute the <code>wg</code> utility every
this many seconds in order to let WireGuard notice DNS / hostname
changes.</p>
<p>Setting this to <code>0</code> disables periodic reexecution.</p>
<p><strong>Type:</strong> <code>signed integer</code></p>
<h3 id="default_12" networking-wireguard-interfaces-_wzxhzdk:91_-peers-_-dynamicEndpointRefreshSeconds-default="networking-wireguard-interfaces-<name>-peers-*-dynamicEndpointRefreshSeconds-default">Default</h3>
<p><code class="highlight"><span class="mi">0</span></code></p>
<h3 id="example_11" networking-wireguard-interfaces-_wzxhzdk:93_-peers-_-dynamicEndpointRefreshSeconds-example="networking-wireguard-interfaces-<name>-peers-*-dynamicEndpointRefreshSeconds-example">Example</h3>
<p><code class="highlight"><span class="mi">5</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeersendpoint" networking-wireguard-interfaces-_wzxhzdk:96_-peers-_-endpoint="networking-wireguard-interfaces-<name>-peers-*-endpoint"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.endpoint</code></h2>
<p>Endpoint IP or hostname of the peer, followed by a colon,
and then a port number of the peer.</p>
<p>Warning for endpoints with changing IPs:
The WireGuard kernel side cannot perform DNS resolution.
Thus DNS resolution is done once by the <code>wg</code> userspace
utility, when setting up WireGuard. Consequently, if the IP address
behind the name changes, WireGuard will not notice.
This is especially common for dynamic-DNS setups, but also applies to
any other DNS-based setup.
If you do not use IP endpoints, you likely want to set
{option}<code>networking.wireguard.dynamicEndpointRefreshSeconds</code>
to refresh the IPs periodically.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_13" networking-wireguard-interfaces-_wzxhzdk:100_-peers-_-endpoint-default="networking-wireguard-interfaces-<name>-peers-*-endpoint-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_12" networking-wireguard-interfaces-_wzxhzdk:102_-peers-_-endpoint-example="networking-wireguard-interfaces-<name>-peers-*-endpoint-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;demo.wireguard.io:12913&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeersname" networking-wireguard-interfaces-_wzxhzdk:105_-peers-_-name="networking-wireguard-interfaces-<name>-peers-*-name"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.name</code></h2>
<p>Name used to derive peer unit name.
<strong>Type:</strong> <code>string</code></p>
<h3 id="default_14" networking-wireguard-interfaces-_wzxhzdk:107_-peers-_-name-default="networking-wireguard-interfaces-<name>-peers-*-name-default">Default</h3>
<p><code class="highlight">publicKey</code></p>
<h3 id="example_13" networking-wireguard-interfaces-_wzxhzdk:109_-peers-_-name-example="networking-wireguard-interfaces-<name>-peers-*-name-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;bernd&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeerspersistentkeepalive" networking-wireguard-interfaces-_wzxhzdk:112_-peers-_-persistentKeepalive="networking-wireguard-interfaces-<name>-peers-*-persistentKeepalive"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.persistentKeepalive</code></h2>
<p>This is optional and is by default off, because most
users will not need it. It represents, in seconds, between 1 and 65535
inclusive, how often to send an authenticated empty packet to the peer,
for the purpose of keeping a stateful firewall or NAT mapping valid
persistently. For example, if the interface very rarely sends traffic,
but it might at anytime receive traffic from a peer, and it is behind
NAT, the interface might benefit from having a persistent keepalive
interval of 25 seconds; however, most users will not need this.
<strong>Type:</strong> <code>null or signed integer</code></p>
<h3 id="default_15" networking-wireguard-interfaces-_wzxhzdk:114_-peers-_-persistentKeepalive-default="networking-wireguard-interfaces-<name>-peers-*-persistentKeepalive-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_14" networking-wireguard-interfaces-_wzxhzdk:116_-peers-_-persistentKeepalive-example="networking-wireguard-interfaces-<name>-peers-*-persistentKeepalive-example">Example</h3>
<p><code class="highlight"><span class="mi">25</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeerspresharedkey" networking-wireguard-interfaces-_wzxhzdk:119_-peers-_-presharedKey="networking-wireguard-interfaces-<name>-peers-*-presharedKey"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.presharedKey</code></h2>
<p>Base64 preshared key generated by {command}<code>wg genpsk</code>.
Optional, and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.</p>
<p>Warning: Consider using presharedKeyFile instead if you do not
want to store the key in the world-readable Nix store.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_16" networking-wireguard-interfaces-_wzxhzdk:122_-peers-_-presharedKey-default="networking-wireguard-interfaces-<name>-peers-*-presharedKey-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_15" networking-wireguard-interfaces-_wzxhzdk:124_-peers-_-presharedKey-example="networking-wireguard-interfaces-<name>-peers-*-presharedKey-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeerspresharedkeyfile" networking-wireguard-interfaces-_wzxhzdk:127_-peers-_-presharedKeyFile="networking-wireguard-interfaces-<name>-peers-*-presharedKeyFile"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.presharedKeyFile</code></h2>
<p>File pointing to preshared key as generated by {command}<code>wg genpsk</code>.
Optional, and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_17" networking-wireguard-interfaces-_wzxhzdk:130_-peers-_-presharedKeyFile-default="networking-wireguard-interfaces-<name>-peers-*-presharedKeyFile-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_16" networking-wireguard-interfaces-_wzxhzdk:132_-peers-_-presharedKeyFile-example="networking-wireguard-interfaces-<name>-peers-*-presharedKeyFile-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;/private/wireguard_psk&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepeerspublickey" networking-wireguard-interfaces-_wzxhzdk:135_-peers-_-publicKey="networking-wireguard-interfaces-<name>-peers-*-publicKey"><code>networking.wireguard.interfaces.&lt;name&gt;.peers.*.publicKey</code></h2>
<p>The base64 public key of the peer.
<strong>Type:</strong> <code>(optionally newline-terminated) single-line string</code></p>
<h3 id="example_17" networking-wireguard-interfaces-_wzxhzdk:137_-peers-_-publicKey-example="networking-wireguard-interfaces-<name>-peers-*-publicKey-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepostsetup" networking-wireguard-interfaces-_wzxhzdk:140_-postSetup="networking-wireguard-interfaces-<name>-postSetup"><code>networking.wireguard.interfaces.&lt;name&gt;.postSetup</code></h2>
<p>Commands called at the end of the interface setup.
<strong>Type:</strong> <code>strings concatenated with "\n" or (list of string) convertible to it</code></p>
<h3 id="default_18" networking-wireguard-interfaces-_wzxhzdk:142_-postSetup-default="networking-wireguard-interfaces-<name>-postSetup-default">Default</h3>
<p><code class="highlight"><span class="s2">&quot;&quot;</span></code></p>
<h3 id="example_18" networking-wireguard-interfaces-_wzxhzdk:144_-postSetup-example="networking-wireguard-interfaces-<name>-postSetup-example">Example</h3>
<p><code class="highlight"><span class="s s-Multiline">&#39;&#39;printf &quot;nameserver 10.200.100.1&quot; | </span><span class="si">${</span>pkgs<span class="o">.</span>openresolv<span class="si">}</span><span class="s s-Multiline">/bin/resolvconf -a wg0 -m 0&#39;&#39;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepostshutdown" networking-wireguard-interfaces-_wzxhzdk:147_-postShutdown="networking-wireguard-interfaces-<name>-postShutdown"><code>networking.wireguard.interfaces.&lt;name&gt;.postShutdown</code></h2>
<p>Commands called after shutting down the interface.
<strong>Type:</strong> <code>strings concatenated with "\n" or (list of string) convertible to it</code></p>
<h3 id="default_19" networking-wireguard-interfaces-_wzxhzdk:149_-postShutdown-default="networking-wireguard-interfaces-<name>-postShutdown-default">Default</h3>
<p><code class="highlight"><span class="s2">&quot;&quot;</span></code></p>
<h3 id="example_19" networking-wireguard-interfaces-_wzxhzdk:151_-postShutdown-example="networking-wireguard-interfaces-<name>-postShutdown-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;</span><span class="si">${</span>pkgs<span class="o">.</span>openresolv<span class="si">}</span><span class="s2">/bin/resolvconf -d wg0&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepresetup" networking-wireguard-interfaces-_wzxhzdk:154_-preSetup="networking-wireguard-interfaces-<name>-preSetup"><code>networking.wireguard.interfaces.&lt;name&gt;.preSetup</code></h2>
<p>Commands called at the start of the interface setup.</p>
<p><strong>Type:</strong> <code>strings concatenated with "\n" or (list of string) convertible to it</code></p>
<h3 id="default_20" networking-wireguard-interfaces-_wzxhzdk:156_-preSetup-default="networking-wireguard-interfaces-<name>-preSetup-default">Default</h3>
<p><code class="highlight"><span class="s2">&quot;&quot;</span></code></p>
<h3 id="example_20" networking-wireguard-interfaces-_wzxhzdk:158_-preSetup-example="networking-wireguard-interfaces-<name>-preSetup-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;</span><span class="si">${</span>pkgs<span class="o">.</span>iproute2<span class="si">}</span><span class="s2">/bin/ip netns add foo&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamepreshutdown" networking-wireguard-interfaces-_wzxhzdk:161_-preShutdown="networking-wireguard-interfaces-<name>-preShutdown"><code>networking.wireguard.interfaces.&lt;name&gt;.preShutdown</code></h2>
<p>Commands called before shutting down the interface.</p>
<p><strong>Type:</strong> <code>strings concatenated with "\n" or (list of string) convertible to it</code></p>
<h3 id="default_21" networking-wireguard-interfaces-_wzxhzdk:163_-preShutdown-default="networking-wireguard-interfaces-<name>-preShutdown-default">Default</h3>
<p><code class="highlight"><span class="s2">&quot;&quot;</span></code></p>
<h3 id="example_21" networking-wireguard-interfaces-_wzxhzdk:165_-preShutdown-example="networking-wireguard-interfaces-<name>-preShutdown-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;</span><span class="si">${</span>pkgs<span class="o">.</span>iproute2<span class="si">}</span><span class="s2">/bin/ip netns del foo&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnameprivatekey" networking-wireguard-interfaces-_wzxhzdk:168_-privateKey="networking-wireguard-interfaces-<name>-privateKey"><code>networking.wireguard.interfaces.&lt;name&gt;.privateKey</code></h2>
<p>Base64 private key generated by {command}<code>wg genkey</code>.</p>
<p>Warning: Consider using privateKeyFile instead if you do not
want to store the key in the world-readable Nix store.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_22" networking-wireguard-interfaces-_wzxhzdk:171_-privateKey-default="networking-wireguard-interfaces-<name>-privateKey-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_22" networking-wireguard-interfaces-_wzxhzdk:173_-privateKey-example="networking-wireguard-interfaces-<name>-privateKey-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnameprivatekeyfile" networking-wireguard-interfaces-_wzxhzdk:176_-privateKeyFile="networking-wireguard-interfaces-<name>-privateKeyFile"><code>networking.wireguard.interfaces.&lt;name&gt;.privateKeyFile</code></h2>
<p>Private key file as generated by {command}<code>wg genkey</code>.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_23" networking-wireguard-interfaces-_wzxhzdk:179_-privateKeyFile-default="networking-wireguard-interfaces-<name>-privateKeyFile-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_23" networking-wireguard-interfaces-_wzxhzdk:181_-privateKeyFile-example="networking-wireguard-interfaces-<name>-privateKeyFile-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;/private/wireguard_key&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnamesocketnamespace" networking-wireguard-interfaces-_wzxhzdk:184_-socketNamespace="networking-wireguard-interfaces-<name>-socketNamespace"><code>networking.wireguard.interfaces.&lt;name&gt;.socketNamespace</code></h2>
<p>The pre-existing network namespace in which the
WireGuard interface is created, and which retains the socket even if the
interface is moved via {option}<code>interfaceNamespace</code>. When
<code>null</code>, the interface is created in the init namespace.
See <a href="https://www.wireguard.com/netns/">documentation</a>.</p>
<p><strong>Type:</strong> <code>null or string</code></p>
<h3 id="default_24" networking-wireguard-interfaces-_wzxhzdk:188_-socketNamespace-default="networking-wireguard-interfaces-<name>-socketNamespace-default">Default</h3>
<p><code class="highlight"><span class="no">null</span></code></p>
<h3 id="example_24" networking-wireguard-interfaces-_wzxhzdk:190_-socketNamespace-example="networking-wireguard-interfaces-<name>-socketNamespace-example">Example</h3>
<p><code class="highlight"><span class="s2">&quot;container&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
<h2 id="networkingwireguardinterfacesnametable" networking-wireguard-interfaces-_wzxhzdk:193_-table="networking-wireguard-interfaces-<name>-table"><code>networking.wireguard.interfaces.&lt;name&gt;.table</code></h2>
<p>The kernel routing table to add this interface's
associated routes to. Setting this is useful for e.g. policy routing
("ip rule") or virtual routing and forwarding ("ip vrf"). Both
numeric table IDs and table names (/etc/rt_tables) can be used.
Defaults to "main".</p>
<p><strong>Type:</strong> <code>string</code></p>
<h3 id="default_25" networking-wireguard-interfaces-_wzxhzdk:195_-table-default="networking-wireguard-interfaces-<name>-table-default">Default</h3>
<p><code class="highlight"><span class="s2">&quot;main&quot;</span></code></p>
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/wireguard.nix</a></p>
</article>
</div>
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
</div>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Licenced MIT
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
<div class="md-social">
<a href="https://git.auxolotl.org/auxolotl/docs" target="_blank" rel="noopener" title="Aux Docs Repo" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M16.777 0a2.9 2.9 0 1 1-2.529 4.322H12.91a4.266 4.266 0 0 0-4.265 4.195v2.118a7.076 7.076 0 0 1 4.147-1.42l.118-.002h1.338a2.9 2.9 0 0 1 5.43 1.422 2.9 2.9 0 0 1-5.43 1.422H12.91a4.266 4.266 0 0 0-4.265 4.195v2.319A2.9 2.9 0 0 1 7.222 24 2.9 2.9 0 0 1 5.8 18.57V8.589a7.109 7.109 0 0 1 6.991-7.108l.118-.001h1.338A2.9 2.9 0 0 1 16.778 0ZM7.223 19.905a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Zm9.554-10.464a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.39Zm0-7.735a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Z"/></svg>
</a>
<a href="https://forum.aux.computer/" target="_blank" rel="noopener" title="Aux Forum" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12.103 0C18.666 0 24 5.485 24 11.997c0 6.51-5.33 11.99-11.9 11.99L0 24V11.79C0 5.28 5.532 0 12.103 0zm.116 4.563a7.395 7.395 0 0 0-6.337 3.57 7.247 7.247 0 0 0-.148 7.22L4.4 19.61l4.794-1.074a7.424 7.424 0 0 0 8.136-1.39 7.256 7.256 0 0 0 1.737-7.997 7.375 7.375 0 0 0-6.84-4.585h-.008z"/></svg>
</a>
<a href="https://wiki.auxolotl.org/" target="_blank" rel="noopener" title="Aux Wiki" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M17.801 13.557c.148.098.288.202.417.313 1.854 1.6 3.127 4.656 2.582 7.311-1.091-.255-5.747-1.055-7.638-3.383-.91-1.12-1.366-2.081-1.569-2.885a5.65 5.65 0 0 0 .034-.219c.089.198.197.35.313.466.24.24.521.335.766.372.304.046.594-.006.806-.068l.001.001c.05-.015.433-.116.86-.342.325-.173 2.008-.931 3.428-1.566Zm-7.384 1.435C9.156 16.597 6.6 18.939.614 18.417c.219-1.492 1.31-3.019 2.51-4.11.379-.345.906-.692 1.506-1.009.286.168.598.332.939.486 2.689 1.221 3.903 1.001 4.89.573a1.3 1.3 0 0 0 .054-.025 6.156 6.156 0 0 0-.096.66Zm4.152-.462c.38-.341.877-.916 1.383-1.559-.389-.15-.866-.371-1.319-.591-.598-.29-1.305-.283-2.073-.315a4.685 4.685 0 0 1-.804-.103c.014-.123.027-.246.038-.369.062.104.673.057.871.057.354 0 1.621.034 3.074-.574 1.452-.608 2.55-1.706 3.022-3.225.474-1.52.22-3.091-.168-3.952-.169.709-1.453 2.381-1.926 2.871-.473.489-2.381 2.296-2.972 2.921-.7.74-.688.793-1.332 1.302-.202.19-.499.402-.563.53.027-.338.039-.675.027-.997a7.653 7.653 0 0 0-.032-.523c.322-.059.567-.522.567-.861 0-.224-.106-.247-.271-.229.075-.894.382-3.923 1.254-4.281.218.109.831.068.649-.295-.182-.364-.825-.074-1.081.266-.28.374-.956 2.046-.92 4.324-.113.014-.174.033-.322.033-.171 0-.321-.04-.433-.05.034-2.275-.714-3.772-.84-4.169-.12-.375-.491-.596-.781-.596-.146 0-.272.056-.333.179-.182.363.459.417.677.308.706.321 1.156 3.519 1.254 4.277-.125-.006-.199.035-.199.233 0 .311.17.756.452.843a.442.442 0 0 0-.007.03s-.287.99-.413 2.189a4.665 4.665 0 0 1-.718-.225c-.714-.286-1.355-.583-2.019-.566-.664.018-1.366.023-1.804-.036-.438-.058-.649-.15-.649-.15s-.234.365.257 1.075c.42.607 1.055 1.047 1.644 1.18.589.134 1.972.18 2.785-.377.16-.109.317-.228.459-.34a8.717 8.717 0 0 0-.013.626c-.289.753-.571 1.993-.268 3.338 0-.001.701-.842.787-2.958.006-.144.009-.271.01-.383.052-.248.103-.518.148-.799.072.135.151.277.234.413.511.842 1.791 1.37 2.383 1.49.091.019.187.032.285.038Zm-1.12.745c-.188.055-.445.1-.713.059-.21-.031-.45-.11-.655-.316-.169-.168-.312-.419-.401-.789a9.837 9.837 0 0 0 .039-.82l.049-.243c.563.855 1.865 1.398 2.476 1.522.036.008.072.014.109.02l-.013.009c-.579.415-.76.503-.891.558Zm6.333-2.818c-.257.114-4.111 1.822-5.246 2.363.98-.775 3.017-3.59 3.699-4.774 1.062.661 1.468 1.109 1.623 1.441.101.217.09.38.096.515a.57.57 0 0 1-.172.455Zm-9.213 1.62a1.606 1.606 0 0 1-.19.096c-.954.414-2.126.61-4.728-.571-2.023-.918-3.024-2.157-3.371-2.666.476.161 1.471.473 2.157.524.282.021.703.068 1.167.125.021.209.109.486.345.829l.001.001c.451.651 1.134 1.119 1.765 1.262.622.141 2.083.182 2.942-.407a3.12 3.12 0 0 0 .132-.093l.001.179a6.052 6.052 0 0 0-.221.721Zm5.512-1.271a17.49 17.49 0 0 1-1.326-.589c.437.042 1.054.083 1.692.108-.121.162-.244.323-.366.481Zm.932-1.26c-.12.17-.245.343-.373.517-.241.018-.478.03-.709.038a29.05 29.05 0 0 1-.741-.048c.608-.065 1.228-.252 1.823-.507Zm.22-.315c-.809.382-1.679.648-2.507.648-.472 0-.833.018-1.139.039v.001c-.324-.031-.665-.039-1.019-.054a3.555 3.555 0 0 1-.152-.009c.102-.002.192-.006.249-.006.363 0 1.662.034 3.151-.589 1.508-.632 2.645-1.773 3.136-3.351.37-1.186.31-2.402.086-3.312.458-.336.86-.651 1.147-.91.501-.451.743-.733.848-.869.199.206.714.864.685 2.138-.036 1.611-.606 3.187-1.501 4.154a9.099 9.099 0 0 1-1.321 1.132 11.978 11.978 0 0 0-.644-.422l-.089-.055-.051.091c-.184.332-.5.825-.879 1.374ZM4.763 5.817c-.157 1.144.113 2.323.652 3.099.539.776 2.088 2.29 3.614 2.505.991.14 2.055.134 2.055.134s-.593-.576-1.114-1.66c-.521-1.085-.948-2.104-1.734-2.786-.785-.681-1.601-1.416-2.045-1.945-.444-.53-.59-.86-.59-.86s-.656.175-.838 1.513Zm14.301 4.549a9.162 9.162 0 0 0 1.3-1.12c.326-.352.611-.782.845-1.265 1.315.145 2.399.371 2.791.434 0 0-.679 1.971-3.945 3.022l-.016-.035c-.121-.26-.385-.594-.975-1.036Zm-11.634.859a8.537 8.537 0 0 1-.598-.224c-1.657-.693-2.91-1.944-3.449-3.678-.498-1.601-.292-3.251.091-4.269.225.544.758 1.34 1.262 2.01a3.58 3.58 0 0 0-.172.726c-.163 1.197.123 2.428.687 3.24.416.599 1.417 1.62 2.555 2.193-.128.002-.253.003-.376.002Zm-1.758-.077c-.958-.341-1.901-.787-2.697-1.368C-.07 7.559 0 6.827 0 6.827s1.558-.005 3.088.179c.03.126.065.
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../..", "features": ["content.tooltips", "search.highlight", "navigation.tabs", "navigation.indexes", "navigation.prune"], "search": "../../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../../assets/javascripts/bundle.fe8b6f2b.min.js"></script>
</body>
</html>